Week 16 In Review – 2014

Highlights from the SyScan 2014 Conference – symantec.com
David Maciejak recently attended the Symposium on Security for Asia Network (SyScan), an annual conference held in Singapore, which brings together computer security researchers from around the world. This year, security myths were dispelled and several interesting topics were discussed at the conference. The following is a list of some of the topics and demonstrations he found interesting at this year’s conference.

Resources

iSEC Completes TrueCrypt Audit – isecpartners.github.io
As announced in December 2013, iSEC Partners (iSEC) worked with the Open Crypto Audit Project toward the final goal of conducting a methodical analysis of TrueCrypt through code review and penetration testing. iSEC is grateful and honored to have been a part of the TrueCrypt security audit and feels that the analysis was both productive and important. iSEC’s full report is now available to the public.

The security of the most popular programming languages – net-security.org
A new WhiteHat Security report takes a deeper look into the security of a number of the most popular programming languages including .Net, Java, ColdFusion, ASP and more. The complete report is available here.

Heartbleed: Picking your pocket 64k bytes at a time – stateofsecurity.com
James Klun consolidated some of the things he learned about Heartbleed over the last week and provided his – hopefully correct – answers to some of the questions he’d been asked. He also placed a companion audio commentary here.

IronWASP 2014 is finally here! – blog.ironwasp.org
IronWASP 2014 is finally released and it is packed with features to help make your life easy. Here’s what is new.

Burp Suite Professional – Release Notes – releases.portswigger.net
This is the final v1.6 release. Burp Suite Free Edition contains significant new features added since v1.5. Burp Suite Professional contains a number of bugfixes and tweaks, added since the last beta version.

nmap Grepable Script Output – Heartbleed – blog.didierstevens.com
Peter was looking for a way to make nmap’s Heartbleed script output grepable. He ended up hacking the script. Didier Stevens proposed a method that does not require modifying the NSE Heartbleed script.

SSLyze v 0.9 released – Heartbleed edition – isecpartners.github.io
A new version of SSLyze is now available. This version brings a few improvements and bug fixes as well as a new plugin to identify servers affected by the Heartbleed vulnerability.

Kansa: A modular live response tool for Windows enterprises – trustedsignal.blogspot.com
A look at the Readme.md shows that Kansa is a modular rewrite of another script in davehull’s GitHub repo called Mal-Seine. Mal-Seine was a PowerShell script he hacked together for evidence collection during incident response.

Techniques

iOS Kernel Reversing Step by Step – viaforensics.com
This article will show you step by step how to obtain, decrypt and extract a binary version of the iOS kernel with the help of Santoku-Linux 0.4.

Exploiting CSRF under NoScript Conditions – community.rapid7.com
CSRFs, or Cross-Site Request Forgery vulnerabilities, occur when a server accepts requests that can be “spoofed” from a site running on a different domain. The attack goes something like this.

Vendor/Software patches

VMware reveals 27-patch Heartbleed fix plan – theregister.co.uk
VMware has confirmed that 27 of its products need patches for the Heartbleed bug. Patches are already available for Horizon Workspace Server 1.0 through 1.8.

Critical Java Update Plugs 37 Security Holes – krebsonsecurity.com
Oracle has pushed a critical patch update for its Java SE platform that fixes at least 37 security vulnerabilities in the widely-installed program. Several of these flaws are so severe that they are likely to be exploited by malware or attackers in the days or weeks ahead.

Confirmed: Nasty Heartbleed bug exposes OpenVPN private keys, too – arstechnica.com
Private encryption keys have been successfully extracted multiple times from a virtual private network server running the widely used OpenVPN application with a vulnerable version of OpenSSL, adding yet more urgency to the call for operators to fully protect their systems against the catastrophic Heartbleed bug.
